Re: [TLS] Re: Review of draft-santesson-tls-gssapi-03
Martin Rex <Martin.Rex@sap.com> Wed, 12 September 2007 17:16 UTC
From: Martin Rex <Martin.Rex@sap.com>
Subject: Re: [TLS] Re: Review of draft-santesson-tls-gssapi-03
To: simon@josefsson.org
Date: Wed, 12 Sep 2007 19:16:26 +0200
In-Reply-To: <87abrse6y9.fsf@mocca.josefsson.org> from "Simon Josefsson" at Sep 12, 7 08:25:18 am
Cc: tls@lists.ietf.org
Simon Josefsson wrote:
>
> >    It is generally beneficial to provide privacy protection for
> >    mechanisms that send client identifiers in the clear. Furthermore,
> >    encrypting the GSS-API data can improve the strength of the overall
> >    systems, and when applicable complicate offline dictionary attacks
> >    against users' secrets based on which the keying materials are
> >    derived. Therefore unless otherwise specified, TLS-renegotiation as
> >    defined in section 7.4.1.1 of [RFC4346] MUST be used to encrypt the
> >    GSS data in FXA-TLS gss_api extension. This implies that the client
> >    and server negotiate FKA-TLS after completing a certificate-based
> >    TLS-handshake, typically to facilitate client authentication.
>
> I like this.

I also like this text better (however I still don't like the entire
proposal and want to come up with an alternative proposal--unfortunately
personal and health issues are severely draining my time at the moment).
It adds round-trips, though.

> This text leads to an even stronger argument for permitting X.509 client
> authentication in the first authentication step. Otherwise you are
> vulnerable to tunneling attacks of the GSS-API authentication step since
> there appear to be no channel binding used.

I fully agree. I mentioned a couple of times that I consider it
important to make it as easy as possible for consumers to enable
cert-based server authentication along with GSS-API client
authentication.

(This doesn't help the "simple" (unidirectional) gssapi mechanisms,
however, since this proposal precludes their use entirely.)

> Btw, I forgot to bring up channel bindings. Have you considered
> supporting it? It is not critical to me, I consider X.509 or OpenPGP
> authentication sufficient to solve the tunnel problem.

AFAIK, the architecture of this proposal does provide secure channel
bindings, in that it uses gss_prf output for the creation of the master
secret using the PSK ciphersuites.
-Martin
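As an added illustration (not part of Martin Rex's message or of the draft), a simplified Python model of the point in his last paragraph: deriving the PSK-ciphersuite master secret from gss_prf output ties the TLS channel to the GSS-API context, so a tunnelling relay that merely forwards the GSS tokens cannot complete the TLS handshake towards the client. The PRF, the transcript string and the key sizes are constructed stand-ins, not the RFC 4279 premaster layout or the RFC 4346 PRF.

```python
import hmac, hashlib, os

def prf(key: bytes, label: bytes, seed: bytes) -> bytes:
    """Single HMAC-SHA256 standing in for both the TLS PRF and gss_prf (toy model)."""
    return hmac.new(key, label + seed, hashlib.sha256).digest()

def gss_psk(gss_context_key: bytes) -> bytes:
    """gss_prf output over the established GSS-API context, used as the TLS PSK."""
    return prf(gss_context_key, b"FKA-TLS psk", b"")

def master_secret(psk: bytes, client_random: bytes, server_random: bytes) -> bytes:
    """PSK-ciphersuite master secret (simplified; not the RFC 4279 premaster layout)."""
    return prf(psk, b"master secret", client_random + server_random)

def finished(master: bytes, transcript: bytes) -> bytes:
    """Finished-message MAC over the handshake transcript."""
    return prf(master, b"finished", transcript)

def handshake_succeeds(client_psk: bytes, server_psk: bytes) -> bool:
    """Both ends derive a master secret from their PSK and MAC the same transcript;
    the handshake completes only if the two Finished values agree."""
    client_random, server_random = os.urandom(32), os.urandom(32)
    transcript = b"ClientHello|ServerHello|gss_api tokens|" + client_random + server_random
    client_fin = finished(master_secret(client_psk, client_random, server_random), transcript)
    server_fin = finished(master_secret(server_psk, client_random, server_random), transcript)
    return hmac.compare_digest(client_fin, server_fin)

def direct_session(gss_context_key: bytes) -> bool:
    """Honest case: client and server share the GSS-API context key, hence the PSK."""
    psk = gss_psk(gss_context_key)
    return handshake_succeeds(psk, psk)

def tunneled_session(gss_context_key: bytes) -> bool:
    """Tunnelling case: a relay forwards the GSS-API tokens unchanged, so the real
    server still establishes a context with the real client, but the context key
    is known only to those two. The relay terminating TLS towards the client must
    use a PSK of its own, and its Finished MAC cannot match the client's."""
    client_psk = gss_psk(gss_context_key)
    relay_psk = gss_psk(os.urandom(32))  # constructed: a key the relay controls
    return handshake_succeeds(client_psk, relay_psk)

if __name__ == "__main__":
    context_key = os.urandom(32)  # constructed GSS-API context key
    print("direct:", direct_session(context_key))      # True
    print("tunneled:", tunneled_session(context_key))  # False
```

The model shows only the client-facing leg; the same argument applies to the relay's leg towards the real server, which it also cannot key without the context key.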